Manage Step Up Verification
- Print
- PDF
Manage Step Up Verification
- Print
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback
1. Perform Step Up Authentication using the MFA factor
This POST method is for users to perform step up authentication using the MFA factor.
POST | {{url}}/api/step-up/authenticate/{{factor}} |
Request Parameter
Parameter | Description | Data Type | Required |
---|---|---|---|
factor | Indicates the MFA factor used for Step Up Verification. Value: TOTP | string | Mandatory |
Request Example
curl --location '{{url}}/api/step-up/authenticate/TOTP' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--data '{
"otp": "093971"
}'
Response Example
Status: 200 OK |
{
"result": "SUCCESS"
}
2. Change Tenant Step Up Authentication Configuration Settings
This POST method is used to change the step up authentication configuration settings.
Note:
Only the tenant administrator can execute this API.
POST | {{url}}/api/step-up/configuration |
Request Parameters
The request parameters used in this method are shown in the following table:
Parameter | Description | Data Type | Required |
validationWindow | The validation time window in which the last Step Up authentication completion is valid before prompting to step up again for Step Up policy conditions with always prompt disabled (false). Default value:30 | Integer | Mandatory |
completedCookieMaxAge | How long in seconds the completion ID cookie is valid for Step Up policy conditions with always prompt enabled (true). Default value: 5 seconds. | Integer | Mandatory |
totpConfiguration/hash function | The hash function/algorithm used to generate the TOTP. Default value: SHA1 | String | Mandatory |
totpConfiguration/digits | The number of digits generated for the TOTP. Default value: 6 digits | Integer | Mandatory |
totpConfiguration/timeStep | Time window in seconds the TOTP is valid before the next TOTP is generated. | Integer | Mandatory |
Request Example
curl --location '{{url}}/api/step-up/configuration' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--data '{
"validationWindow": "<integer>",
"completedCookieMaxAge": "<integer>",
"totpConfiguration": {
"hashFunction": "SHA1",
"digits": "<integer>",
"timeStep": "<integer>"
}
}'
Response Example
Status: 200 OK
{
"validationWindow" : 19,
"completedCookieMaxAge" : 5,
"totpConfiguration" : {
"hashFunction" : "SHA1",
"digits" : 6,
"timeStep" : 30
}
3. Retrieve Tenant Step Up Authentication Configuration Settings
This GET method is used to retrieve the Step Up authentication configuration settings.
GET | {{url}}/api/step-up/configuration |
Request Example
curl --location '{{url}}/api/step-up/configuration' \
--header 'Accept: application/json'
Response Example
{
"validationWindow" : 19,
"completedCookieMaxAge" : 5,
"totpConfiguration" : {
"hashFunction" : "SHA1",
"digits" : 6,
"timeStep" : 30
}
Was this article helpful?